Additional hardening related to 3ce8bf3289 fix that
switches ssh_string_new() to calloc() so the payload bytes
are zero-initialised. ssh_string is used throughout libssh as a
byte container for wire data and crypto material; the uninitialised
payload is never semantically meaningful, and zeroing it kills the
"forgot to check read_len" class of bugs at the source.
Signed-off-by: David Cermak <d_cermak@centrum.cz>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Merge-Request: <https://gitlab.com/libssh/libssh-mirror/-/merge_requests/829>

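The class of bug the message above refers to, as an added example that is not libssh code: a minimal length-prefixed container (constructed here, not libssh's ssh_string layout) allocated with calloc(), and a reader that copies only what the transport delivered and forgets to compare read_len with the declared size. With calloc() the unfilled tail is deterministic zeros rather than stale heap contents.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in for a wire string: declared size plus payload bytes
 * (constructed for this example, not libssh's ssh_string). */
struct wire_string {
    uint32_t size;
    unsigned char data[];
};

/* calloc() instead of malloc(): the payload starts out zeroed. */
struct wire_string *wire_string_new(uint32_t size)
{
    struct wire_string *s = calloc(1, sizeof(*s) + size);
    if (s == NULL) {
        return NULL;
    }
    s->size = size;
    return s;
}

/* Simulates the "forgot to check read_len" bug: the reader copies
 * whatever arrived (read_len bytes) and never verifies that it
 * matches the declared size, so the tail is left as allocated. */
struct wire_string *fill_unchecked(uint32_t declared,
                                   const unsigned char *buf,
                                   size_t read_len)
{
    struct wire_string *s = wire_string_new(declared);
    if (s == NULL) {
        return NULL;
    }
    if (read_len > declared) {
        read_len = declared; /* never overrun the container */
    }
    memcpy(s->data, buf, read_len);
    return s;
}

/* Returns 1 if every payload byte from index `from` onward is zero. */
int tail_is_zero(const struct wire_string *s, uint32_t from)
{
    for (uint32_t i = from; i < s->size; i++) {
        if (s->data[i] != 0) {
            return 0;
        }
    }
    return 1;
}
```

With malloc() the same call would hand the caller 13 bytes of whatever the allocator had lying around; with calloc() the short read is still a logic bug, but it no longer leaks or consumes uninitialised memory.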
ssh_packet_socket_callback() will not return error codes like
SSH_ERROR on failure. Instead it will always return an unsigned
size_t value representing the number of bytes which have been
processed.
So adjust the assert in the test accordingly, making sure that all
input bytes have actually been processed.
Signed-off-by: Colin Baumgarten <colin.baumgarten@hubersuhner.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Merge-Request: <https://gitlab.com/libssh/libssh-mirror/-/merge_requests/824>

After processing a packet and before returning the processed size,
ssh_packet_socket_callback() recursively calls itself if there are
still unprocessed bytes remaining in the socket buffer.
This is redundant because this function is already called in a loop
by its only caller until the socket buffer is drained or only a
partial packet remains.
The recursive call was introduced with c92f54102e at a time
where ssh_packet_socket_callback() was not yet called in a loop.
The loop was only introduced later by 186116f34a.
So remove the redundant recursive call, but leave a log message in
place to allow following packet processing from the logs.
Signed-off-by: Colin Baumgarten <colin.baumgarten@hubersuhner.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Merge-Request: <https://gitlab.com/libssh/libssh-mirror/-/merge_requests/824>

Both callers of ssh_packet_socket_callback() assume that it will
always return the number of bytes processed. They don't properly
handle negative return values like SSH_ERROR, even though the
function's doc-comment mentions them.
Handling negative values would not be straightforward because
the return type is unsigned (size_t).
So instead of fixing the callers, adjust the only place where a
negative value is returned right now (rekey failure) and align
it with the handling of all other possible errors in the same
function.
Signed-off-by: Colin Baumgarten <colin.baumgarten@hubersuhner.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Merge-Request: <https://gitlab.com/libssh/libssh-mirror/-/merge_requests/824>

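The calling contract the three messages above describe, as an added example that is not libssh code: a packet callback that returns a size_t count of consumed bytes (0 meaning "only a partial packet remains", never a negative error code), driven by a single caller loop instead of recursion. The 4-byte length-prefixed framing is constructed for the example and is not the SSH binary packet format.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define HDR_LEN 4 /* constructed framing: big-endian length, then payload */

struct stats {
    size_t packets;  /* complete packets handled */
    size_t leftover; /* bytes of a partial packet still buffered */
};

/* Handle at most one packet at the front of buf. Returns the number of
 * bytes consumed; 0 means a partial packet is waiting for more data.
 * Because the return type is size_t, failures cannot be reported as
 * SSH_ERROR here; the callback must record them elsewhere. */
static size_t packet_callback(const unsigned char *buf, size_t len,
                              struct stats *st)
{
    if (len < HDR_LEN) {
        return 0;
    }
    uint32_t plen = ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) |
                    ((uint32_t)buf[2] << 8) | (uint32_t)buf[3];
    if (len - HDR_LEN < plen) {
        return 0; /* partial packet: caller stops draining */
    }
    st->packets++;
    return HDR_LEN + plen;
}

/* The only caller: loop until the buffer is drained or only a partial
 * packet remains. No recursive call inside the callback is needed. */
struct stats drain(const unsigned char *buf, size_t len)
{
    struct stats st = {0, 0};
    size_t off = 0;

    while (off < len) {
        size_t n = packet_callback(buf + off, len - off, &st);
        if (n == 0) {
            break;
        }
        off += n;
    }
    st.leftover = len - off;
    return st;
}
```

A test in the spirit of the adjusted assert checks that, for a buffer holding only complete packets, leftover is 0, i.e. every input byte was processed.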
The visualstudio jobs typically take longer than the gitlab
default project-level timeout of 1h.
This can cause build failures when a fork is created as part of
a merge request, because the fork will use the default project-level
timeout.
Set a job-level timeout of 2h which will override the project-level
one according to https://docs.gitlab.com/ci/yaml/#timeout to
eliminate the need to manually adjust the project-level timeout in
forks.
Signed-off-by: Colin Baumgarten <colin.baumgarten@hubersuhner.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Merge-Request: <https://gitlab.com/libssh/libssh-mirror/-/merge_requests/826>

This should not happen because the OID is selected
from a subset of client-supplied OIDs in gss_acquire_cred,
i.e., it would imply a bug in krb5. But better be safe, as
it would later cause an out-of-bounds read in
ssh_gssapi_send_response.
Reported and patch provided by Meta (vulns@meta.com).
Signed-off-by: Pavol Žáčik <pzacik@redhat.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>

Extend PubkeyAuthentication to support the OpenSSH-compatible modes no, yes/all, unbound, and host-bound.
Preserve the existing enable/disable flag behavior for callers using the legacy API, while also storing the selected mode and keeping the previous integer normalization in ssh_options_set().
Signed-off-by: Nuhiat-Arefin <nuhiatarefin@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Merge-Request: <https://gitlab.com/libssh/libssh-mirror/-/merge_requests/814>

Set the publickey pending call state before the ssh-userauth service request so nonblocking calls can resume cleanly when the first SSH_AUTH_AGAIN happens before the auth request is sent.
Reset pending_call_state on the affected error paths, and only jump straight to the response handler once the auth state shows that the publickey request was already sent.
Signed-off-by: Nuhiat-Arefin <nuhiatarefin@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Merge-Request: <https://gitlab.com/libssh/libssh-mirror/-/merge_requests/814>

Keep the unknown host handling under StrictHostKeyChecking off, including writing accepted keys through to known_hosts.
For changed host keys and different stored key types, do not treat the host as fully trusted. In that path, disable password and keyboard interactive authentication before returning OK.
Apply the same handling in both ssh_is_server_known() and ssh_session_get_known_hosts_entry().
Signed-off-by: Nuhiat-Arefin <nuhiatarefin@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Merge-Request: <https://gitlab.com/libssh/libssh-mirror/-/merge_requests/814>

Extend StrictHostKeyChecking from a boolean-style option to the full OpenSSH-compatible mode set: off, yes, ask and accept-new.
Preserve the legacy integer normalization used by ssh_options_set(), document the supported values in the public API, and switch the default to SSH_STRICT_HOSTKEY_ASK.
Known-host handling now recognizes SSH_STRICT_HOSTKEY_ACCEPT_NEW and stores unknown host keys automatically while still rejecting changes.
Signed-off-by: Nuhiat-Arefin <nuhiatarefin@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Merge-Request: <https://gitlab.com/libssh/libssh-mirror/-/merge_requests/814>

When StrictHostKeyChecking is disabled, libssh previously returned SSH_KNOWN_HOSTS_OK from ssh_session_get_known_hosts_entry() without updating the user known_hosts file.
Persist the accepted key in that path and reload it from the user file so a host that was accepted once does not appear unknown again on the next connection.
Signed-off-by: Nuhiat-Arefin <nuhiatarefin@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Merge-Request: <https://gitlab.com/libssh/libssh-mirror/-/merge_requests/814>

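The StrictHostKeyChecking behaviour laid out across the four messages above, as an added example that is not libssh code: a parser for the OpenSSH-compatible mode strings and a decision table mapping (mode, known_hosts status) to what the connection layer should do. The enum names, the `decision` struct and the exact-match parsing are assumptions made for the example; the yes and ask rows follow OpenSSH semantics (yes never adds a host automatically, ask prompts for unknown hosts), the off and accept-new rows follow the messages.

```c
#include <string.h>

enum hostkey_mode { MODE_OFF, MODE_YES, MODE_ASK, MODE_ACCEPT_NEW, MODE_INVALID };
enum hostkey_status { HK_OK, HK_UNKNOWN, HK_CHANGED, HK_OTHER };

/* What the caller should do with the known_hosts result. */
struct decision {
    int proceed;        /* 1: continue the connection */
    int store_key;      /* 1: write the key through to known_hosts */
    int ask_user;       /* 1: prompt before deciding */
    int allow_password; /* 0: password and keyboard-interactive disabled */
};

/* Exact-match parse of the option value; "no" is OpenSSH's spelling of off. */
enum hostkey_mode parse_mode(const char *v)
{
    if (strcmp(v, "off") == 0 || strcmp(v, "no") == 0) return MODE_OFF;
    if (strcmp(v, "yes") == 0) return MODE_YES;
    if (strcmp(v, "ask") == 0) return MODE_ASK;
    if (strcmp(v, "accept-new") == 0) return MODE_ACCEPT_NEW;
    return MODE_INVALID; /* reject unknown tokens rather than defaulting */
}

struct decision decide(enum hostkey_mode mode, enum hostkey_status st)
{
    struct decision d = {0, 0, 0, 1};

    if (st == HK_OK) {
        d.proceed = 1;
        return d;
    }
    if (st == HK_UNKNOWN) {
        switch (mode) {
        case MODE_OFF:
        case MODE_ACCEPT_NEW: d.proceed = 1; d.store_key = 1; break;
        case MODE_ASK:        d.ask_user = 1; break; /* store only if accepted */
        default:              break;                 /* yes/invalid: refuse */
        }
        return d;
    }
    /* HK_CHANGED or HK_OTHER (different stored key type): accept-new, ask
     * and yes all reject; off returns OK but the host is not fully
     * trusted, so password-based methods are switched off. */
    if (mode == MODE_OFF) {
        d.proceed = 1;
        d.allow_password = 0;
    }
    return d;
}
```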
Tighten boolean token handling in config parsing.
For auth-related boolean options, reject unknown tokens instead of silently treating them as false. Keep exact yes/no and true/false handling through ssh_config_get_yesno(), but parse Compression through a dedicated exact token map so it remains limited to yes/no.
Signed-off-by: Nuhiat-Arefin <nuhiatarefin@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Merge-Request: <https://gitlab.com/libssh/libssh-mirror/-/merge_requests/814>

ssh_session_get_known_hosts_entry() could return SSH_KNOWN_HOSTS_OK without initializing *pentry, leaving callers with an undefined output pointer.
Initialize *pentry to NULL at function entry so every return path leaves the output in a defined state.
Signed-off-by: Nuhiat-Arefin <nuhiatarefin@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Merge-Request: <https://gitlab.com/libssh/libssh-mirror/-/merge_requests/814>

Add %n support to path expansion.
Defer HostName handling so the expanded value is computed even when the final host cannot be applied yet. HostName specific expansion lowercases literal hostname text and %h expansions, while unsupported HostName %X tokens are preserved literally and normal host validation still applies when the result is passed to SSH_OPTIONS_HOST.
This keeps the expansion logic correct now and leaves room for future HostName token support without changing the deferred path again.
Signed-off-by: Nuhiat-Arefin <nuhiatarefin@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Merge-Request: <https://gitlab.com/libssh/libssh-mirror/-/merge_requests/811>

Move RSA signature extraction and zero-padding from pki_signature_to_blob() into pki_do_sign_hash() so the correctly sized blob is built once at signing time, and store it in raw_sig across all paths. This removes rsa_sig (gcry_sexp_t) from the RSA flow and avoids the old leading-zero stripping that could produce undersized blobs rejected by strict implementations like Dropbear.
Signed-off-by: Yağmur Çiçekdağı <ygmcicekdagi@gmail.com>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
Merge-Request: <https://gitlab.com/libssh/libssh-mirror/-/merge_requests/714>